49e42088d816f9f860b43a849b979504f54b35495613d447a0f8ad6713f43ad3 | Triage

Submit
Reports

Overview

overview

Static

static

8

49e42088d8...d3.xls

windows7-x64

49e42088d8...d3.xls

windows10-2004-x64

Sharing

General

Target

49e42088d816f9f860b43a849b979504f54b35495613d447a0f8ad6713f43ad3
Size

150KB
Sample

221123-1kv8lsaf31
MD5

c4c146b7867d17e461481cbb8510a45f
SHA1

976e77afbf2539d7cfa52fb658d81f12cf60b452
SHA256

49e42088d816f9f860b43a849b979504f54b35495613d447a0f8ad6713f43ad3
SHA512

06c380a7dcc18fddeb6b14c1e94c39da060bc6a7b45a155b1199b9e9b730cd95f69788b8d49b1c6fa9a0f222d78bca648bb857f9b980624ce878f38fce8a973a
SSDEEP

3072:44ll6Nc7yRzs1H75wkZUgsCfaX+9PwRnmoIPWVbrzQ7ITkeu+vJtXwH:dll6Nc7yRzs1H75wkZUgsCfaX+9PwRnH

Score

10^/10

macro xlm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

49e42088d816f9f860b43a849b979504f54b35495613d447a0f8ad6713f43ad3.xls

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

49e42088d816f9f860b43a849b979504f54b35495613d447a0f8ad6713f43ad3.xls

Resource

win10v2004-20220812-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  49e42088d816f9f860b43a849b979504f54b35495613d447a0f8ad6713f43ad3
- Size
  
  150KB
- MD5
  
  c4c146b7867d17e461481cbb8510a45f
- SHA1
  
  976e77afbf2539d7cfa52fb658d81f12cf60b452
- SHA256
  
  49e42088d816f9f860b43a849b979504f54b35495613d447a0f8ad6713f43ad3
- SHA512
  
  06c380a7dcc18fddeb6b14c1e94c39da060bc6a7b45a155b1199b9e9b730cd95f69788b8d49b1c6fa9a0f222d78bca648bb857f9b980624ce878f38fce8a973a
- SSDEEP
  
  3072:44ll6Nc7yRzs1H75wkZUgsCfaX+9PwRnmoIPWVbrzQ7ITkeu+vJtXwH:dll6Nc7yRzs1H75wkZUgsCfaX+9PwRnH
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy